Articles Related
Authentication
Authorization
- User
User | Description |
---|---|
SYS | The SYS user owns all base tables and user-accessable view of the data dictionary (Oracle configuration information). No Oracle user should ever alter (update, delete, or insert) any rows or schema objects conatained in the SYS schema, because such activity can compromise data integrety. The security administrator must keep strict control of this central account. |
SYSTEM | The SYSTEM user is used to create additional tables and views that display administrative information, and internal tables and views used by various Oracle options and tools. |
SYSMAN | The SYSMAN user represents the Enterprise Manager super admin account. This EM admin can create and modify other EM admin accounts as well as admin the database instance itself. |
DBSNMP | The DBSNMP user is used by EM to monitor the database. EM uses this account to access performance stats about the database. The DBSNMP credentials sometimes referred to as the monitoring credentials. |
In addition to these users, a user can connect with diffrent levels of privileges, namely SYSDBA and SYSOPER. When you connect using “connect sys/passwd as sysdba” your connecting as the SYS user and requesting SYSDBA privs.
Automate Grant
210693.1 How to Automate Grant Operations When New Objects Are Created in a SCHEMA/DATABASE on Metalink see http://asktom.oracle.com/pls/asktom/f?p=100:11:::::P11_QUESTION_ID:646423863863 for a less complex way – it uses a JOB so you DON'T HAVE to write any code at all except for the very simple trigger. I don't like that note, it is far too complex of an implementation. See my link – short, to the point – easy to understand.
Audit
Oracle Default Password Auditing Tool osp_accounts_public.zip